Merge branch 'kb_migration' into kb_migration_development

2023-04-25 17:08:49 +09:00 · 2023-04-25 17:08:49 +09:00 · 8812295d8c
commit 8812295d8c
parent fd618eabd2 70ea37a4cc
302 changed files with 4018 additions and 2611 deletions
--- a/app/controllers/accounts_controller.rb
+++ b/app/controllers/accounts_controller.rb
@ -7,7 +7,7 @@ class AccountsController < ApplicationController
  include AccountControllerConcern
  include SignatureAuthentication

-  vary_by -> { public_fetch_mode? ? 'Accept' : 'Accept, Signature' }
+  vary_by -> { public_fetch_mode? ? 'Accept, Accept-Language, Cookie' : 'Accept, Accept-Language, Cookie, Signature' }

  before_action :require_account_signature!, if: -> { request.format == :json && authorized_fetch_mode? }

--- a/app/controllers/api/base_controller.rb
+++ b/app/controllers/api/base_controller.rb
@ -12,7 +12,6 @@ class Api::BaseController < ApplicationController

  before_action :require_authenticated_user!, if: :disallow_unauthenticated_api_access?
  before_action :require_not_suspended!
-  before_action :set_cache_control_defaults

  protect_from_forgery with: :null_session

@ -148,10 +147,6 @@ class Api::BaseController < ApplicationController
    doorkeeper_authorize!(*scopes) if doorkeeper_token
  end

-  def set_cache_control_defaults
-    response.cache_control.replace(private: true, no_store: true)
-  end
-
  def disallow_unauthenticated_api_access?
    ENV['DISALLOW_UNAUTHENTICATED_API_ACCESS'] == 'true' || Rails.configuration.x.whitelist_mode
  end
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -19,6 +19,7 @@ class ApplicationController < ActionController::Base
  helper_method :omniauth_only?
  helper_method :sso_account_settings
  helper_method :whitelist_mode?
+  helper_method :body_class_string

  rescue_from ActionController::ParameterMissing, Paperclip::AdapterRegistry::NoHandlerError, with: :bad_request
  rescue_from Mastodon::NotPermittedError, with: :forbidden
@ -38,6 +39,8 @@ class ApplicationController < ActionController::Base
  before_action :store_current_location, except: :raise_not_found, unless: :devise_controller?
  before_action :require_functional!, if: :user_signed_in?

+  before_action :set_cache_control_defaults
+
  skip_before_action :verify_authenticity_token, only: :raise_not_found

  def raise_not_found
@ -125,7 +128,7 @@ class ApplicationController < ActionController::Base
  end

  def sso_account_settings
-    ENV.fetch('SSO_ACCOUNT_SETTINGS')
+    ENV.fetch('SSO_ACCOUNT_SETTINGS', nil)
  end

  def current_account
@ -146,10 +149,18 @@ class ApplicationController < ActionController::Base
    current_user.setting_theme
  end

+  def body_class_string
+    @body_classes || ''
+  end
+
  def respond_with_error(code)
    respond_to do |format|
      format.any  { render "errors/#{code}", layout: 'error', status: code, formats: [:html] }
      format.json { render json: { error: Rack::Utils::HTTP_STATUS_CODES[code] }, status: code }
    end
  end
+
+  def set_cache_control_defaults
+    response.cache_control.replace(private: true, no_store: true)
+  end
 end
--- a/app/controllers/concerns/cache_concern.rb
+++ b/app/controllers/concerns/cache_concern.rb
@ -163,6 +163,20 @@ module CacheConcern
    end
  end

+  included do
+    after_action :enforce_cache_control!
+  end
+
+  # Prevents high-entropy headers such as `Cookie`, `Signature` or `Authorization`
+  # from being used as cache keys, while allowing to `Vary` on them (to not serve
+  # anonymous cached data to authenticated requests when authentication matters)
+  def enforce_cache_control!
+    vary = response.headers['Vary']&.split&.map { |x| x.strip.downcase }
+    return unless vary.present? && %w(cookie authorization signature).any? { |header| vary.include?(header) && request.headers[header].present? }
+
+    response.cache_control.replace(private: true, no_store: true)
+  end
+
  def render_with_cache(**options)
    raise ArgumentError, 'Only JSON render calls are supported' unless options.key?(:json) || block_given?

--- a/app/controllers/concerns/web_app_controller_concern.rb
+++ b/app/controllers/concerns/web_app_controller_concern.rb
@ -6,6 +6,8 @@ module WebAppControllerConcern
  included do
    prepend_before_action :redirect_unauthenticated_to_permalinks!
    before_action :set_app_body_class
+
+    vary_by 'Accept, Accept-Language, Cookie'
  end

  def set_app_body_class
--- a/app/controllers/follower_accounts_controller.rb
+++ b/app/controllers/follower_accounts_controller.rb
@ -5,7 +5,7 @@ class FollowerAccountsController < ApplicationController
  include SignatureVerification
  include WebAppControllerConcern

-  vary_by -> { public_fetch_mode? ? 'Accept' : 'Accept, Signature' }
+  vary_by -> { public_fetch_mode? ? 'Accept, Accept-Language, Cookie' : 'Accept, Accept-Language, Cookie, Signature' }

  before_action :require_account_signature!, if: -> { request.format == :json && authorized_fetch_mode? }

--- a/app/controllers/following_accounts_controller.rb
+++ b/app/controllers/following_accounts_controller.rb
@ -5,7 +5,7 @@ class FollowingAccountsController < ApplicationController
  include SignatureVerification
  include WebAppControllerConcern

-  vary_by -> { public_fetch_mode? ? 'Accept' : 'Accept, Signature' }
+  vary_by -> { public_fetch_mode? ? 'Accept, Accept-Language, Cookie' : 'Accept, Accept-Language, Cookie, Signature' }

  before_action :require_account_signature!, if: -> { request.format == :json && authorized_fetch_mode? }

--- a/app/controllers/statuses_controller.rb
+++ b/app/controllers/statuses_controller.rb
@ -6,7 +6,7 @@ class StatusesController < ApplicationController
  include Authorization
  include AccountOwnedConcern

-  vary_by -> { public_fetch_mode? ? 'Accept' : 'Accept, Signature' }
+  vary_by -> { public_fetch_mode? ? 'Accept, Accept-Language, Cookie' : 'Accept, Accept-Language, Cookie, Signature' }

  before_action :require_account_signature!, only: [:show, :activity], if: -> { request.format == :json && authorized_fetch_mode? }
  before_action :set_status
@ -30,7 +30,7 @@ class StatusesController < ApplicationController
      end

      format.json do
-        expires_in 3.minutes, public: @status.distributable? && public_fetch_mode?
+        expires_in 3.minutes, public: true if @status.distributable? && public_fetch_mode?
        render_with_cache json: @status, content_type: 'application/activity+json', serializer: ActivityPub::NoteSerializer, adapter: ActivityPub::Adapter
      end
    end
--- a/app/controllers/tags_controller.rb
+++ b/app/controllers/tags_controller.rb
@ -7,7 +7,7 @@ class TagsController < ApplicationController
  PAGE_SIZE     = 20
  PAGE_SIZE_MAX = 200

-  vary_by -> { public_fetch_mode? ? 'Accept' : 'Accept, Signature' }
+  vary_by -> { public_fetch_mode? ? 'Accept, Accept-Language, Cookie' : 'Accept, Accept-Language, Cookie, Signature' }

  before_action :require_account_signature!, if: -> { request.format == :json && authorized_fetch_mode? }
  before_action :authenticate_user!, if: :whitelist_mode?